tivdm1modelling relationships1 peter gorm larsen

TIVDM1 Modelling relationships 1

Modelling relationships

Peter Gorm Larsen


Agenda

Mapping Characteristics and Primitives• The MSAW Example Revisited• The Congestion Warning System Revisited


Mapping Characteristics

• Mappings are unordered collections of pairs of elements (a maplet) with a unique relationship

• There can be many copies of each maplet• The elements themselves can be arbitrary

complex, e.g. they can be mappings as well• Mappings in VDM++ are finite• Mapping types in VDM++ are written as:

• map Type1 to Type2• inmap Type1 to Type2 (for injective mappings)


Mapping Enumeration

• A maplet is written with curly brackets: “{ domv |-> rngv}”• A mapping enumeration consists of a comma-separated

list of maplets enclosed between curly brackets, ”{…}”• For example

• {1 |-> 5,8 |->1,3|-> 9}• {true|->1, false|->0,false|->0}• {“Peter”|->{}, “Frodo”|->{4,3},”John”|->{2,4}}• {‘g’|->1,’o’|->0,’d’|->1}• {3.567|->3, 0.33455|->0,7|->7,7|->,7|->7,7|->7}

Are all mappings• The empty mapping can be written as “{ |-> }”


Mapping Domain

• The domain of a mapping is the collection of the first elements in the maplets of a mapping

• Multiple occurrences of the same value does not count

• The domain of a mapping M is written as “ dom M”

• Quick examples:• dom {“Peter”|->1,”Nico”|->2,”Paul”|->3} • dom { |-> }

• dom {3|->2,3|->2,1|->8}


Mapping Range

• The range of a mapping is the collection of the second elements in the maplets of a mapping

• Multiple occurrences of the same value does not count

• The range of a mapping M is written as “rng M”• Quick examples:

• rng {“Peter”|->1,”Nico”|->2,”Paul”|->3} • rng { |-> } • rng {3|->2,3|->2,1|->8}


Mapping Equality

• Two mappings are equal if • both have the same domain and

• for all elements in the domain the corresponding range values are equal

• Quick examples:• {2|->4,1|->2} = {1|->2,2|->4}• {true|->1, true|->1, false|->0} = {false|->1, true|->1}• {1|->3,3|->8,8|->1} = {8|->3,3|->1,1|->8}• {1|->{3,4,5},2|->{4}} = {3|->{3,5,4},2|->{4,4,4}}


Mapping Application

• Looking up in a mapping for a given domain value yields the corresponding range value

• Mapping application is written as function application, i.e. mapping(domain expression)

• Quick examples:• {1|->2,3|->4,5|->6}(3)• {true|->1,false|->2,}(true)• {[5]|->1,[6,1]|->2,[4,4,4]|->3}([6,1])• {5|->[5],6|->[6,1],4|->[4,4,4]}(6)


Mapping Domain Restrictions

• It is possible to restrict the domain of a mapping to or by a given set of elements

• Domain restrictions are written as:• s <: m (restricting domain to the set s)• s <-: m (restricting domain by the set s)

• Quick examples:• {1,2,2} <: {1 |->5,4|->2}• {3,4} <: {1|->7,2|->4}• {1,3} <-: {3|->8,5|->1}• {2,4} <-: {8|->4,3|->6}


Mapping Range Restrictions

• It is possible to restrict the range of a mapping to or by a given set of elements

• Range restrictions are written as:• m :> s (restricting range to the set s)• m :-> s (restricting range by the set s)

• Quick examples:• {1 |->5,4|->2} :> {1,2,2} • {1|->7,2|->4} :> {3,4} • {3|->8,5|->1} :-> {1,3} • {8|->4,3|->6} :-> {6,4}


Mapping Override and Merge• It is possible to combine two mappings by either merging

them together (similar to set union) or by letting one mapping override another mapping

• Merging is written with munion using infix notation• munion requires mappings to be conformant, i.e. if

domains have common elements they map to the same range value

• Overriding is written with ++ using infix notation and the mapping from the second argument overrides the maplets from the first argument

• Quick examples:• {1|->2,3|->4} munion {2|->3,4|->1}• {5|->7,8|->0} munion {6|->3,5|->7}• {1|->2,3|->4,2|->8} ++ {2|->3,4|->1}• {5|->7,8|->0,6|->9} ++ {6|->3,5|->9}


Distributed Mapping Merge

• Given a set of mappings it is possible to take a distributed merge if all the mappings are conformant

• Distributed mapping merge is written as “merge ms” where ms is a set of mappings

• Quick examples• merge {{2|->4},{3|->4,1|->2},{2|->4,7|->3}}• merge {{5|->”me”,7|->”too”},{6|->”what”,8|->”now”}}• merge {}


Mapping Inverse

• A mapping is injective if all its domain elements map to different range elements

• For injective mappings it is possible to construct the inverse mapping (swapping domain and range elements)

• This is written as “inverse m” using prefix notation

• Quick examples:• inverse {1|->2,3|->4,2|->3,4|->1}• inverse {5|->7,8|->0,6|->3,5|->7}• inverse {1|->2,3|->4,2|->8,6|->3,4|->1}• inverse {|->}


Map Operators

dom m Domain (map A to B) -> set of A

rng m Range (map A to B) -> set of B

m1 munion m2 Merge (map A to B) * (map A to B) -> (map A to B)

m1 ++ m2 Override (map A to B) * (map A to B) -> (map A to B)

merge ms Distr. merge set of (map A to B) -> map A to B

s <: m Dom. restr. to set of A * (map A to B) -> map A to B

s <-: m Dom. restr. by set of A * (map A to B) -> map A to B

m :> s Rng. restr. to (map A to B) * set of A -> map A to B

m :-> s Rng. restr. by (map A to B) * set of A -> map A to B

m(d) Map apply (map A to B) * A -> B

inverse m Map inverse inmap A to B -> inmap B to A

m1 = m2 Equality (map A to B) * (map A to B) -> bool

m1 <> m2 Inequality (map A to B) * (map A to B) -> bool


Mapping Comprehensions

• Using predicates to define mappings implicitly• In VDM++ formulated like:

• {maplet | list of bindings & predicate}

• The predicate part is optional• Quick examples

• {i |-> i*i | i: nat1 & i <= 4}• {i**2 |-> i/2 | i in set {1,…,5}}


Questions

• What are the mapping enumerations for:• {x |-> x|x in set {8,…,1} & x < 3}• {x |-> 2*x|x in set {1,…,10} & x > 3 and x < 6}• {{y} |-> y - 8| y in set {3,1,7,3}}• {x |-> x+6| x in set {1,2}}• {x|->mk_(x,8)| x in set {1,2,7} & x > 4}• {y|->y|y in set {0,1,2} & exists x in set {0,…,3} & x = 2 * y}• {x|->x = 7| x in set {1,…,10} & x < 6}


Agenda

Mapping Characteristics and Primitives The MSAW Example Revisited• The Congestion Warning System Revisited


Making use of FO Identification

• In the set version of the MSAW model we had:class AirSpace is subclass of GLOBAL

instance variables

airspace : set of FO := {};

inv forall x,y in set airspace &

x <> y => x.getId() <> y.getId();

• If we use mappings this can be done simplerclass AirSpace is subclass of GLOBAL

instance variables

airspace : map FOId to FO := {|->};


An Updated Class Diagram


Adding and Removing Flying Objects

class AirSpace is subclass of GLOBAL

operations

public addFO : FO ==> ()

addFO(fo) ==

airspace := airspace munion {fo.getId() |-> fo}

pre forall x in set rng airspace & fo.getId() <> x.getId();

public removeFO : FOId ==> ()

removeFO(id) ==

airspace := {id} <-: airspace;

…


Getting Hold of a FO and Airspace

class AirSpace

…

public getFO : FOId ==> FO

getFO(id) ==

return airspace(id)

pre id in set dom airspace;

public getAirspace : () ==> set of FO

getAirspace() ==

return rng airspace;


Can Radars use Mappings?class Radar is subclass of GLOBAL instance variables

location : Coordinates; range : nat1; detected : map FOId to FO; priority : seq of FO := [];operations

public Scan : AirSpace ==> ()Scan(as) == (detected := { x.getId() |-> x | x in set as.getAirspace() & InRange(x) }; UpdatePriorityList() );


Removing and Adding FOsremoveNotDetected : set of FO ==> ()removeNotDetected(fos) == priority := [priority(i) | i in set inds priority & priority(i) in set fos]; addNewlyDetected : map FOId to FO ==> ()addNewlyDetected(newlyDetect) == priority := priority ^ set2seqFO(rng newlyDetect);

functionsset2seqFO : set of FO -> seq of FOset2seqFO(fos) == if fos = {} then [] else let fo in set fos in [fo] ^ set2seqFO(fos\{fo})


Updating Priority List

UpdatePriorityList : () ==> ()

UpdatePriorityList() ==

let notDetect = elems priority \ rng detected,

newlyDet = detected :-> elems priority

in

( removeNotDetected(notDetect);

addNewlyDetected(newlyDet)

);


Overview in Air Traffic Controllerclass Radar…public getDetectedMap : () ==> map FOId to FOgetDetectedMap() == return detected;end Radarclass AirTrafficeController

operations

OverviewAllRadars: () ==> map FOId to FOOverviewAllRadars() == merge {r.getDetectedMap() | r in set radars}

end AirTrafficeController


Agenda

Mapping Characteristics and Primitives The MSAW Example Revisited The Congestion Warning System Revisited


The CWS Revisited

• Introducing a more realistic road network• Introducing the notion of lanes• Introducing name servers• Adding sensors and actuators gradually


The Revised CWS System


Two Injective Mappings at VDM++ Level

class CWS

instance variablesroadNetwork: inmap Location to CongestionMonitor := {|->}

sensors: inmap Location to (inmap Lane to PassageSensor) := {|->};

typespublic Location = nat1;public Lane = nat1

…end CWS


Class Diagram for Revised CWS

-roadNetwork

CWS

sensors : inmap Location to (inmap Lane to PassageSensor) = {|->}

AddSensor()AddCongestionMonitor()

OperatorControl

-op

NameServer

-ns

CongestionMonitor

LocationLocation

-operator -nameServer


Adding a new Sensor

class CWS

…

operations

public AddSensor: Location * Lane ==> ()

AddSensor(loc, lane) ==

def passageSensor = new PassageSensor(loc, lane)

in

let sensorAtLane = {lane |-> passageSensor}

in

if loc in set dom sensors

then sensors(loc) := sensors(loc) munion

sensorAtLane

else sensors := sensors munion

{loc |-> sensorAtLane};

end CWS


Dealing with Name Servers

• Control over the actuation managers• Each control manager control multiple locations

class NameServer

instance variables

am: map ActuatorManager to

(set of CWS`Location) := {|->}

…

end NameServer


Setting Actuation Managers in control

class NameServer

operations

public SetActuatorManager: ActuatorManager *

set of CWS`Location ==> ()

SetActuatorManager(actuatorManager, locations) ==

am := am ++ {actuatorManager |-> locations};

end NameServer


Getting an Actuation Manager

class NameServeroperationspublic GetActuatorManager: [CWS`Location] ==> [ActuatorManager]GetActuatorManager(loc) == if loc = nil then return nil else let locations = inverse am in let locationSet in set dom locations be st loc in set locationSet in return locations (locationSet);end NameServer


Message Logs inside Congestion Sensors

class CongestionSensor is subclass of Sensor

…

instance variables

passageSensors: map CWS`Lane to PassageSensor := {|->}

end CongestionSensorNotice that the

first box on page 180 in the book is

wrong. This is the right version.


Issue Congestion Warnings

class CongestionSensor is subclass of Sensorpublic IssueCongestionStatus: () ==> CongestionSensor`CongestionStatus IssueCongestionStatus() == def averagespeed = min ({passageSensors(lane). AverageSpeed(NoPassages) | lane in set dom passageSensors}) in if averagespeed < CongestionThreshold then return <Congestion> elseif averagespeed > NoCongestionThreshold then return <NoCongestion> else return <Doubt>

end CongestionSensor


Managing Actuators

class ActuationManager

…

instance variables

as: inmap CWS`Location to Actuator := {|->};

ns: NameServer

end ActuationManager


Adding Actuator at a given Locationclass ActuationManager… operations

public AddActuator: CWS`Location ==> ()AddActuator(loc) == def actuator = new Actuator() in (as := merge {as, {loc |-> actuator}}; ns.SetLocation(self, loc) )pre loc not in set dom as;



Removing Actuatorsclass ActuationManager…operations

public RemoveActuator: Actuator ==> ()RemoveActuator(actuator) == as := as :-> {actuator};



Replacing Actuators

class ActuationManager

…

operations

public

ReplaceActuator: Actuator * Actuator ==> ()

ReplaceActuator(actuator, newActuator) ==

as := as ++ {(inverse as)(actuator) |-> newActuator};



Showing Signal at a given Locationclass OperatorControl…public ShowSignal: CWS`Location * CongestionMonitor`Signal ==> ()ShowSignal(location, signal) ==( def downstreamLocation = Downstream(location, ns.GetLocations()); downstreamManager = ns.GetActuatorManager(downstreamLocation); downstreamSignal = if downstreamManager <> nil then downstreamManager.GetSignal(downstreamLocation) else nil; actuator = as(location); upstreamLocation = Upstream(location, ns.GetLocations()); upstreamManager = ns.GetActuatorManager(upstreamLocation); upstreamSignal = if upstreamManager <> nil then upstreamManager.GetSignal(upstreamLocation) else nil in ( ShowSignalAtLoc(signal,downstreamLocation, downstreamSignal,actuator); ShowSignalUpstream(signal,upstreamLocation,upstreamManager,upstreamSignal) ) ) pre location in set dom as;end OperatorControl


Operator Utilitiesclass OperatorControl…operations

public WriteLog: seq1 of char * CWS`Location ==> ()WriteLog(message, location) == let newMessage = message ^ int2String(location), messages = if location in set dom messageLog then messageLog(location) ^ [ newMessage ] else [ newMessage ] in messageLog := messageLog ++ {location |-> messages};

public CongestionSpots: () ==> set of CWS`LocationCongestionSpots() == return dom messageLog;

end OperatorControl


Summary

• What have I presented today? • The notion of mappings as ordered collections

• The basic operations in VDM++ for manipulating mappings

• The MSAW example again

• The congestion warning system example again

• What do you need to do now?• Complete your project

• Provide report and source model to me

• Fill out evaluation form

• Tell me whether you would like an exam trial session


Quote of the day

By Herbert Hoover(1874 - 1964)

Engineering is a great profession. There is the satisfaction of watching a figment of the imagination emerge through the aid of science to a plan on paper. Then it

moves to realization in stone or metal or energy. Then it brings homes to men or women. Then it elevates the standard of living and adds to the comforts of life.

This is the engineer's high privilege.

tivdm1modelling relationships1 peter gorm larsen

Documents